Read the story here. Advertise at Before It's News here.
Profile image
By Judicial Watch (Reporter)
Contributor profile | More stories
Story Views
Last hour:
Last 24 hours:

Judicial Watch: Records Show Obama DHS Scanned Georgia Election Site in 2016

% of readers think this story is Fact. Add your two cents.

Docs Suggest Activity Logs of Incidents Overwritten

(Washington, DC) Judicial Watch announced today that it received 243 pages of records from the Department of Homeland Security (DHS) that show the Obama administration’s scanning the election systems of Georgia, Alaska, Oregon, Kentucky and West Virginia in 2016. This activity prompted a letter from then-Georgia Secretary of State (now Governor) Brian Kemp to then-DHS Secretary Jeh Johnson accusing DHS of, “an unsuccessful attempt to penetrate the Georgia Secretary of State’s firewall.”

The records were produced in response to Judicial Watch’s Freedom of Information Act (FOIA) request, which asked for all records related to reported cyberattacks against the Georgia secretary of state’s information network involving DHS, including investigative reports, memoranda, correspondence and communications between October 1, 2016, and February 14, 2017.

The minutes of a DHS “Enterprise Security Operations Center” (ESOC) meeting indicate that on November 15, 2016, at 8:43 a.m. a “scanning event” occurred. The “‘scanning’ event was the result of a FLETC [Federal Law Enforcement Training Center] user’s Microsoft Office Discovery Protocol sending a packet with the OPTIONS flag to the Secretary of State of Georgia site.”

The minutes notes that the Enterprise Security Operations Center “has received requests from NCCIC [DHS’s The National Cybersecurity and Communications Integration Center] and MS-ISAC [Multi-State Information Sharing and Analysis Center] to investigate other states that have seen ‘suspicious’ activity.”

The minutes note that Kemp accused DHS of conducting illicit scans on at least February 2, February 28 and May 23, 2016, as well.

DHS notes in the minutes that they were working with Microsoft to determine what happened: “Microsoft and the ESOC with the assistance of FLETC, were able to confirm that the user non-maliciously copied and pasted elements of the website to an excel document, which triggered the HTTP ‘OPTIONS’ request.”

A “Microsoft E-Mail Statement (Unofficial Statement to ESOC)” was included with the minutes.  The email stated, “After looking at the data I do not see requests that look malicious in nature or appear to be attempting to exploit a vulnerability.”

A chart of “Current Open Vulnerabilities” for the period November 30, 2016, through December 12, 2016, noted that DHS had identified a total of 1,227 cyber vulnerabilities within DHS components, including five “High” severity ones at FEMA.

In a “Shift Pass Down Report – Sunday Night Shift – December 18, 2016” describing one of the State of Georgia incidents, DHS identifies that it originated, “from a FLETC-based Physical Security Contract Manager.”

DHS identifies activity originating from them in Alaska, Oregon, Kentucky and West Virginia.

In a “State of Alaska update,” the report notes, “Confirmed this activity was a NPPD [DHS’s National Protection and Programs Directorate] employee investigating twitter reports of compromise on an AK Election System, as part of his normal duties.”

A “State of Oregon update,” indicated that “Oregon Secretary of State inquired why they observed the same DHS IP reported by GASOS visiting their website. After engaging with DHS, Oregon agreed there was nothing suspicious and closed the investigation.”

A “State of Kentucky update” said, “Normal web traffic from DHS.”

A “State of West Virginia update” also said “Normal web traffic from DHS.”

In a December, 16, 2016, email exchange between DHS officials regarding a “Preliminary update on GASOS [Georgia Secretary of State]” an official notes there were at least 10 other “timestamps” in which “we have identified different components who have caused the same traffic as the FLETC user.” The log lists incidents involving FEMA, ICE-CIS and FLETC occurring between Feb. 2, 2016 and Sept. 12, 2016.

The email sender adds, “At this time, we cannot validate users with ease for these past timestamps due to DHCP and the lack of Authentication logs.”

Acting Principal Deputy Chief Information Officer, Jeanne Etzel replies to him, “When this gets published in the 4:00, don’t say ‘lack of logs’ say something about logs are maintained for xx days and the events in question occurred xx days ago therefore our logs are overwritten per our standard retention policy.”

Another official, unidentified, then forwards the exchange to unknown officials saying, “FYI. Please use the lens of Press Release and senior leaders.”

In a December 9, 2016, email, Director of DHS Cybersecurity Operations, Boyden Rohmer emailed an unidentified Chief of the Justice Security Operations Center at the Justice Department about “some claims by the State of Georgia that we’ve been scanning their website,” noting that when he pulled their logs over a three hour period, “we see that we have about 1800 similar requests.”

In an email exchange on December 8, 2016, sent to a DHS official, from a CBP CSOC [Customs and Border Protection/Cyber Security Operations Center] official indicated that the same CBP IP address that scanned the Georgia Secretary of State election systems also “previously was reported to us by Princess Cruise Lines” but “ESOC [DHS’s Enterprise Security Operations Center] assesses that the CBP computer was just doing normal web browsing to Princess Cruise Lines.”

The email continues, “ESOC assesses that the CBP computer was just doing normal browsing to Georgia’s Secretary of State office on Nov 15 as well.”

The CBP cyber security official then asks the DHS ESOC official for clarification of certain questions, such as “In both instances, who made this assessment that all of this activity was just ‘normal browsing’?” and “Please define ‘normal browsing’ as it is referenced in the text highlighted above.”

“The Obama DHS was caught scanning the Georgia Secretary of State’s website in 2016 and these documents show that details about the controversy may have been ‘overwritten,’” stated Judicial Watch President Tom Fitton.

In January 2017, the DHS Inspector General wrote to Kemp, saying that an investigation into his allegations was in progress and asking for web and network logs, as well as any other evidence that indicated the DHS attempted to breach Georgia’s system.

In July 2017, the DHS Inspector General reported to the House Committee on Oversight and Government Reform “that DHS employee interactions with the Georgia systems were limited to routine searches for publicly available information on the state’s public website and that none of the web pages visited were related to elections or voters.” And stated: “The investigation was conducted by employees in OIG’s specially trained Digital Forensics and Analysis Unit.”

Judicial Watch is a national leader for cleaner elections.

In September 2020, Judicial Watch released a study revealing that 353 U.S. counties had 1.8 million more registered voters than eligible voting-age citizens. In other words, the registration rates of those counties exceeded 100% of eligible voters. The study found eight states showing state-wide registration rates exceeding 100%: Alaska, Colorado, Maine, Maryland, Michigan, New Jersey, Rhode Island, and Vermont. The study collected the most recent registration data posted online by the states themselves. This data was then compared to the Census Bureau’s most recent five-year population estimates, gathered by the American Community Survey (ACS) from 2014 through 2018. ACS surveys are sent to 3.5 million addresses each month, and its five-year estimates are considered to be the most reliable estimates outside of the decennial census.

In 2018, the Supreme Court upheld a voter-roll cleanup program that resulted from a Judicial Watch settlement of a federal lawsuit with Ohio. California settled a federal lawsuit with Judicial Watch and last year began the process of removing up to 1.6 million inactive names from Los Angeles County’s voter rolls. Kentucky also began a cleanup of hundreds of thousands of old registrations last year after it entered into a consent decree to end another Judicial Watch lawsuit.

In 2020, Judicial Watch sued North Carolina, Pennsylvania, and Colorado for failing to clean their voter rolls, and sued Illinois for refusing to disclose voter roll data in violation of federal law.  Judicial Watch has several open records requests pending over the conduct of the 2020 election.

You can learn more about Judicial Watch’s clean election efforts here.


The post Judicial Watch: Records Show Obama DHS Scanned Georgia Election Site in 2016 appeared first on Judicial Watch.


Before It’s News® is a community of individuals who report on what’s going on around them, from all around the world.

Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.

"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.

Please Help Support BeforeitsNews by trying our Natural Health Products below!

Order by Phone at 888-809-8385 or online at M - F 9am to 5pm EST

Order by Phone at 888-809-8385 or online at M - F 9am to 5pm EST

Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!

HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation

Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.

MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser!  Cleans out toxic buildup with oxygen! 
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover -  Reduces Smart Meter radiation by 96%!  (See Video)

Immusist Beverage Concentrate - Proprietary blend, formulated to reduce inflammation while hydrating and oxygenating the cells.

Report abuse


    Your Comments
    Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

    Load more ...




    Email this story
    Email this story

    If you really want to ban this commenter, please write down the reason:

    If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.